Embodiments of the inventive subject matter generally relate to the field of application server security, and, more particularly, to associating multi-security domains to application servers.
Websphere® application servers are usually statically bound to a single security domain that is defined through a configuration procedure. The security domain corresponds to a set of security attributes that define the security behavior of the server at runtime. Static association to a single security domain disregards the variety of security environments in which applications may be deployed. For example, an application for accessing financial account information should be run in an environment with a higher level of security than an application that can be accessed anonymously. Deploying these different applications on the same application server that is statically bound to one security domain may be impractical.